Site Security, Best location for connection files

[shortone]

Hi Guys,

I am aware that I have some connection files such as db.php that contain passwords and logins sat in folders on my site. Whats the best way of making sure they cant be accessed by hackers ? Is it simply a case of chmod 644 on each file ?

 

[shortone]

Thanks for the replies guys

 

[shortone]

Put them in your root (www) directory and chmod them to 777

What and publish the login and password on the home page as well